[Seaside] Re: passing through to a new session
Yanni Chiu
yanni at rogers.com
Fri Aug 13 02:54:23 CEST 2004
Avi Bryant wrote:
>
> On Aug 12, 2004, at 3:42 AM, Kamil Kukura wrote:
>
> > Now there's one inconvenience: if user goes away from the computer
> > after logout and then he returns back after 1-2 hours when session is
> > too old, he/she will put there [on login form] name and password and
> > "session expired" page will appear. Is it possible to solve this in
> > some elegant way?
>
> That's a very good question. I don't think there's anything elegant
> right now - the only thing you could do is change the Session Expiry
> Seconds configuration so that the whole app had a very long expiry
> time.
How about something like:
Session expired means the session is no longer usable.
What's needed is an authentication expired state, with
an expiry time that's shorter than the session expiry.
A session in this state would put up the login form
and on successful re-authentication, would go back
into an active session state.
--yanni
More information about the Seaside
mailing list